Towards Correct Transformation: From High-Level Models to Time- - - PowerPoint PPT Presentation
Towards Correct Transformation: From High-Level Models to Time- Triggered Implementations H. GUESMI (3) , B. BEN HEDIA (1) , S. BLIUDZE (2) , M. JAN (1) and S. BENSALEM (3) (1) CEA, LIST, Embedded Real Time Systems Laboratory, 91191
&
www.cea.fr
BENSALEM(3)
(1)CEA, LIST, Embedded Real Time Systems Laboratory, 91191 Gif-sur-Yvette, France (2) EPFL IC IINFCOM RiSD, Station 14, 1015 Lausanne, Switzerland (3) Verimag, Université Joseph Fourrier, 38610 Gieres, France
April 2016
| 2 &
2
April 2016
| 3 &
2
techniques such as formal verification, simulation, and testing Targets generic execution model
April 2016
| 4 &
2
techniques such as formal verification, simulation, and testing Targets generic execution model No high-level programming models to tackle complexity Implement TT execution model
April 2016
| 5 &
2
techniques such as formal verification, simulation, and testing Targets generic execution model No high-level programming models to tackle complexity Implement TT execution model
April 2016
| 6 &
Timedautomata Connectors representinginteractions Mechanism for Conflict resolution between interactions
p1 p2 p3 q
x є [2,3] x := 0 x == 1 x := 0 L1 L2
3
April 2016
| 7 &
Timedautomata Connectors representinginteractions Mechanism for Conflict resolution between interactions
p1 p2 p3 q
x є [2,3] x := 0 x == 1 x := 0 L1 L2
2 2 1
a b c d e f
3
Synchronization node No constraint node “After” node “Before” node “advance” node
3
April 2016 | 10
&
TT-BIP = tasks components + communication components + unidirectional interactions.
TT paradigm
RT-BIP Model TT platform
Executable code
TT-BIP Model
Model-to-model Transformation
4
April 2016 | 11
&
TT-BIP = tasks components + communication components + unidirectional interactions.
TT paradigm
RT-BIP Model TT platform
Executable code
TT-BIP Model
Model-to-model Transformation
4
TT-BIP is not easily translated to an executable
April 2016 | 12
&
TT-BIP = tasks components + communication components + unidirectional interactions.
Challenges:
TT paradigm
RT-BIP Model TT platform
Executable code
TT-BIP Model TCA model
Model-to-model Transformation
Model-to-code Transformation
4 Constraints only on the start instant of an action Can be constrained both the release and deadline instants of an action
1
L1 L2 tc: 1≤ x ≤4 tpc: x ≤5
b
Reset x
a
? 1
a
?
b
April 2016 | 13
&
TT-BIP = tasks components + communication components + unidirectional interactions.
Challenges:
TT paradigm
RT-BIP Model TT platform
Executable code
TT-BIP Model TCA model
Model-to-model Transformation
Model-to-code Transformation
4 Constraints only on the start instant of an action Can be constrained both the release and deadline instants of an action Absolute labeling of constraints Relative labeling of constraints
1 2
April 2016 | 14
&
TT-BIP = tasks components + communication components + unidirectional interactions.
Challenges:
TT paradigm
RT-BIP Model TT platform
Executable code
TT-BIP Model TCA model
Model-to-model Transformation
Model-to-code Transformation
4 Constraints only on the start instant of an action Can be constrained both the release and deadline instants of an action Absolute labeling of constraints Relative labeling of constraints Interactions = data transfer + synchronization between sending and receiving actions Desynchronized interaction= sender provides new values at each synchronizationpoint+ Receivers can consult these values when their current time is equal or higher to the defined visibility dates.
1 2 3
April 2016 | 15
&
TT-BIP = tasks components + communication components + unidirectional interactions.
Challenges:
TT paradigm
RT-BIP Model TT platform
Executable code
TT-BIP Model TCA model
Model-to-model Transformation
Model-to-code Transformation
4 Constraints only on the start instant of an action Can be constrained both the release and deadline instants of an action Absolute labeling of constraints Relative labeling of constraints Interactions = data transfer + synchronization between sending and receiving actions Desynchronized interaction= sender provides new values at each synchronizationpoint+ Receivers can consult these values when their current time is equal or higher to the defined visibility dates.
1 2 3
April 2016 | 16
&
TT-BIP = tasks components + communication components + unidirectional interactions.
Challenges: Correctness proof:
using bisimulation technique. trace equivalence
4 RT-BIP Model TT platform
Executable code
TT-BIP Model TCA model
Model-to-model Transformation
Model-to-code Transformation
Bisimulation TT paradigm
semantics semantics
Centre de Grenoble 17 rue des Martyrs 38054 Grenoble Cedex Centre de Saclay Nano-Innov PC 172 91191 Gif sur Yvette Cedex
[1] Tesnim Abdellatif. Rigourous Implementation of Real-Time Systems. PhD thesis, UJF, 2012. [2] C Aussagues, D Chabrol, V David, D Roux, N Willey, A Tournadre, and M Graniou. PharOS, a multicore OS ready for safety-related automotive systems: results and future prospects. Proc. of The Embedded Real-Time Software and Systems (ERTS2), 2010. [3] Hela Guesmi, Belgacem Ben Hedia, Simon Bliudze, Saddek Bensalem, and Jacques Combaz. Towards time-triggered component- based system models. In ICSEA15, pages 157–169, Barcelone, Spain, November 2015. ThinkMind. [4] Robert Kaiser and Stephan Wagner. Evolution of the PikeOS
Microkernels forEmbedded Systems, pages 50–57,2007. [5] Matthieu Lemerre, Vincent David, Christophe Aussagu`es, and Guy Vidal-Naquet. An introduction to time-constrained automata. In Proc. Of the 3 rd Interaction and Concurrency Experience (ICE 2010), volume 38